WTF *Nix

A lot have asked what Samba is, so I’m a break it down for you slowly and pretty much on target for the “general” audience. Samba is pretty much a suite of nice tools/utilities that allows your *nix box to share files, printers, other resources with your Windoz boxes. Yes this is pretty much as like your Active Directory for Windows but in a more stable and SECURE way of doing what you consider a (PDC Primary Domain Controller) / a server within the Windoz Workgroup. Once you configure Samba appropriately, you will allow pretty much whomever is on your network to have some of the following cool features:

1.       Their own logins on the network you set this up for within the Windoz. Where having their own files on the *nix box appear to be located on a new Windoz drive.

2.       Shared access permissions to printers and other resources on the *nix box, this is up to the administrator on what he/she wants.

3.       Shared files can be accessible to only the members of their *nix user group. (This goes within the role of the Samba Admin.)

Some have no clue what a PDC vs. a Windows Workgroup, well I’m a break it out for you here:

PDC – pretty much stores the login info in a central db on its hard drive, which this allows each user to have a pretty flexible username and password that can be used all throughout the network when logging into the network.

Windoz Workgroup – This is on the PC of the Windoz boxes where it stores the usernames and passwords locally so that they are pretty much unique for each PC (user)

Simple enough huh? Well that’s your passing crash course on Windoz methodology!

Samba pretty much mimics a Windoz PDC in almost every way needed to share files simply, however Linux functionality doesn’t disappear when you do this, so keep that in mind. Samba domains and Linux share the same usernames so they can pretty much log into the Samba-based Windoz domain using your Linux password and immediately gain access too whatever is assigned too you under your user. Pretty much whatever is assigned too you under your /home/username/ folder for files, and the network admin should know to NEVER give root access to anyone. =) However keep in mind the Admin should think about added security if needed by creating the passwords for the Linux user and the Samba user different. This will help out in more ways imaginable, where security should be a big concern, because anyone in the outside world is always treated as an enemy. Sucks to think about it that way, but you can NOT trust anyone other than your co-workers (well…. Nvm.)

So hope this helps some out what Samba really is, and if you have it like me at home, I have a Samba domain up and it works wonders from versioning controls and using it to store Visual Source Safe on as well for extra security and simplicity rather than dealing with NFTS.

NAME

diff – compare files line by line

SYNOPSIS

diff [OPTION]… FILES

DESCRIPTION

Compare files line by line.

-i –ignore-case
Ignore case differences in file contents.

–ignore-file-name-case
Ignore case when comparing file names.

–no-ignore-file-name-case
Consider case when comparing file names.

-E –ignore-tab-expansion
Ignore changes due to tab expansion.

-b –ignore-space-change
Ignore changes in the amount of white space.

-w –ignore-all-space
Ignore all white space.

-B –ignore-blank-lines
Ignore changes whose lines are all blank.

-I RE –ignore-matching-lines=RE
Ignore changes whose lines all match RE.

–strip-trailing-cr
Strip trailing carriage return on input.

-a –text
Treat all files as text.

-c -C NUM –context[=NUM]
Output NUM (default 3) lines of copied context.

-u -U NUM –unified[=NUM]
Output NUM (default 3) lines of unified context.

–label LABEL
Use LABEL instead of file name.

-p –show-c-function
Show which C function each change is in.

-F RE –show-function-line=RE
Show the most recent line matching RE.

-q –brief
Output only whether files differ.

-e –ed
Output an ed script.

–normal
Output a normal diff.

-n –rcs
Output an RCS format diff.

-y –side-by-side
Output in two columns.

-W NUM –width=NUM
Output at most NUM (default 130) print columns.

–left-column
Output only the left column of common lines.

–suppress-common-lines
Do not output common lines.

-D NAME –ifdef=NAME
Output merged file to show `#ifdef NAME’ diffs.

–GTYPE-group-format=GFMT
Similar, but format GTYPE input groups with GFMT.

–line-format=LFMT
Similar, but format all input lines with LFMT.

–LTYPE-line-format=LFMT
Similar, but format LTYPE input lines with LFMT.

LTYPE is `old’, `new’, or `unchanged’.
GTYPE is LTYPE or `changed’.

GFMT may contain:

%< lines from FILE1

%> lines from FILE2

%= lines common to FILE1 and FILE2

%[-][WIDTH][.[PREC]]{doxX}LETTER
printf-style spec for LETTER

LETTERs are as follows for new group, lower case for old group:

F first line number

L last line number

N number of lines = L-F+1

E F-1

M L+1

LFMT may contain:

%L contents of line

%l contents of line, excluding any trailing newline

%[-][WIDTH][.[PREC]]{doxX}n
printf-style spec for input line number

Either GFMT or LFMT may contain:

%% %

%c’C’ the single character C

%c’\OOO’
the character with octal code OOO

-l –paginate
Pass the output through `pr’ to paginate it.

-t –expand-tabs
Expand tabs to spaces in output.

-T –initial-tab
Make tabs line up by prepending a tab.

-r –recursive
Recursively compare any subdirectories found.

-N –new-file
Treat absent files as empty.

–unidirectional-new-file
Treat absent first files as empty.

-s –report-identical-files
Report when two files are the same.

-x PAT –exclude=PAT
Exclude files that match PAT.

-X FILE –exclude-from=FILE
Exclude files that match any pattern in FILE.

-S FILE –starting-file=FILE
Start with FILE when comparing directories.

–from-file=FILE1
Compare FILE1 to all operands. FILE1 can be a directory.

–to-file=FILE2
Compare all operands to FILE2. FILE2 can be a directory.

–horizon-lines=NUM
Keep NUM lines of the common prefix and suffix.

-d –minimal
Try hard to find a smaller set of changes.

–speed-large-files
Assume large files and many scattered small changes.

-v –version
Output version info.

–help Output this help.

FILES are `FILE1 FILE2′ or `DIR1 DIR2′ or `DIR FILE…’ or `FILE…
DIR’. If –from-file or –to-file is given, there are no restrictions
on FILES. If a FILE is `-’, read standard input.

AUTHOR

Written by Paul Eggert, Mike Haertel, David Hayes, Richard Stallman,
and Len Tower.

REPORTING BUGS

Report bugs to .

COPYRIGHT

Copyright (C) 2002 Free Software Foundation, Inc.

This program comes with NO WARRANTY, to the extent permitted by law.
You may redistribute copies of this program under the terms of the GNU
General Public License. For more information about these matters, see
the file named COPYING.

SEE ALSO

The full documentation for diff is maintained as a Texinfo manual. If
the info and diff programs are properly installed at your site, the
command

info diff

should give you access to the complete manual.

What’s in your Kernel sysctl file? Here’s mine and in hopes of helping others out if you have questions, feel free to jump right in and ask away. I pretty much have mine all commented for you.

# Disables packet forwarding
net.ipv4.ip_forward=0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Disables the magic-sysrq key
kernel.sysrq = 0

# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800

# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0

# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0

# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 1

# Increases the size of the socket queue (effectively, q0).
net.ipv4.tcp_max_syn_backlog = 1024

# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000

# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536

Remember do NOT go and do this to your system unless you know what the hell you are doing, if you don’t have any clue do your research before you go tinkering around and running sysctl -p and on your next reboot you will be faced with the bigger kernel panic ever seen to mankind

Your fair warning!